 ask - security has been compromised? [message #114794] |
Fri, 11 July 2014 09:14  |
no_name
Messages: 23
Registered: April 2011
|
|
|
|
hi there,
I'm sorry if I wrong place for this case.
I've created system for internet gateway, and using Kerio Control as a firewall gateway, since this is relative cheap solution than other. this server also installed mail server (but use other brand, requested by them).
recently, one of their users experience:
- one of user's partners, partner_A, each time partner_A send email to this user, this user will also receive another email similar but slightly different.
- let say partner_A has email address partner_A@mydomain.com, then there is email from partner_A<_at_>mydomian.com). yes correct, the there is difference for the domain name (mydomain.com and mydomian.com)
- second email (from mydomian.com) close enough with the original, slightly different with the original.
my question is:
- is the server has been compromised?
- is the mail has been compromised? which one (mail server, mail domain, or mail account?
- which side that has been compromised (sender or recipient)?
if recipient has been compromised/hacked, is there a tips to configure Kerio control? or we need to configure mail server software?
thanks in advance
|
|
|
|
|
|
|
|
|
|
Members
Search
Help
Register
Login
Home
